package com.fox.stock.security.handler;

import com.fasterxml.jackson.databind.ObjectMapper;
import com.fox.stock.pojo.vo.resq.R;
import com.fox.stock.pojo.vo.resq.ResponseCode;
import org.springframework.http.MediaType;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.web.access.AccessDeniedHandler;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

public class StockAccessDenyHandler implements AccessDeniedHandler {
    /**
     * 用户存在,无权限的处理策略
     */
    @Override
    public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException e) throws IOException, ServletException {

        response.setContentType(MediaType.APPLICATION_JSON_VALUE);
        response.setCharacterEncoding("UTF-8");
        //认证用户访问资源时权限拒绝处理策略
        // 说明票据解析出错,票据失效
        R<Object> error = R.error(ResponseCode.NOT_PERMISSION);
        response.getWriter().write(new ObjectMapper().writeValueAsString(error));

    }
}
